On Wed, Feb 26, 2020 at 04:40:45PM -0500, Gene Heskett wrote: [...] > My reasoning too. I'd much druther be a black hole that doesn't even have > any Hawking Radiation. The bigger the hole, the less Hawking radiation :) [...] > In that event, and given that a /24 rule caught them, how many out of > that /24 get the reject message? Since the REJECT is part of the TCP connection establishment, only one is the target of this response (how many actually /can/ see it in their local segment is anyone's guess, but these days of intelligent switches, segments tend to be small-ish). > The iptables docs aren't that talkative... No need to bang on the other > 255 customers in that block that are not offenders. That wouldn't be at > all neighborly. And likely would make the situation much worse. Go, no: run to your Internet Library [1] and read up until the section "Connection Establishment" (no worries: it's early in that book). And for people behind restricted Internets: Wikipedia is downloadable! Alternatively go to your paper library and present yourself with one copy of R.W. Stevens "TCP-IP Illustrated". Not the most modern, but one of the best. Cheers -- t
Attachment:
signature.asc
Description: Digital signature